Adult websites targeted in malvertising campaign

More than 10 adult websites are hosting malvertising that drops malware onto a visitors system.

Sites include drtubr.com ( which has more than 60 million visitors a month ), nuvid.com, hardsextube.com and justporno.tv, among others.

This particular attack stems from a rogue advertiser on AdXpansion, a legitimate ad-serving company. No action is needed by the victim as the malware is dropped by a Flash exploit, which ultimately drops various malware payloads through an exploit kit similar to Neutrino.

The recent trend is to have the malicious ad both serve the exploit and drop the malware.

Jerome Segura, senior security researcher at MalwareBytes, said: “The bad guys, instead of using the ad as a redirection to a site where they perform the exploitation, they do it all in one package."

The exploit happens immediately when a user lands on an infected page. With all this in mind, Malwarebytes alerted AdXpansion of the issue, and the company halted the malicious advertiser's posting.